It produced this output:
Updating letsencrypt and virtual environment dependencies…DEPRECATION: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of pip will drop support for Python 2.6
.DEPRECATION: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of pip will drop support for Python 2.6
.DEPRECATION: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of pip will drop support for Python 2.6
.DEPRECATION: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of pip will drop support for Python 2.6
.DEPRECATION: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of pip will drop support for Python 2.6
Command “/root/.local/share/letsencrypt/bin/python2 -u -c “import setuptools, tokenize;file=’/tmp/pip-build-D67rxR/python-augeas/setup.py’;f=getattr(tokenize, ‘open’, open)(file);code=f.read().replace(’\r\n’, ‘\n’);f.close();exec(compile(code, file, ‘exec’))” install --record /tmp/pip-MWkfcN-record/install-record.txt --single-version-externally-managed --compile --install-headers /root/.local/share/letsencrypt/include/site/python2.6/python-augeas” failed with error code 1 in /tmp/pip-build-D67rxR/python-augeas/

My operating system is (include version):
CentOS release 6.6 (Final)

My web server is (include version): -

My hosting provider, if applicable, is: -

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

Do you know why this doesn’t make any sense? I was running a very old version of the tool, the original let’s encript client and not the certbot. My version was so old that it said it wasn’t automatically updated anymore and yet yesterday this happened.

I had exactly the same issue. - running Centos 7 - and a very old version of the letsencrypt-auto tool so I ran in verbose mode and gcc was barfing about not finding augeas.h.

I installed augeas-devel and python-augeas (not sure why they weren’t there before), then gcc complained about libxml/tree.h, now I know I have libxml installed (libxml2) and checked the headers which were there, albeit as /usr/include/libxml2/libxml/tree.h - I put in a sym link /usr/include/libxml -> /usr/include/libxml2/libxml and now it runs and updates my certs.

Not sure how wise this was but it’s only my test platform so no biggie, nevertheless I think it time to upgrade my letsencrypt install

Remove Default cron job: this runs twice a day and tried to renew the certificates automatically. In my case I had a cron job for this and due to other reasons I need to manually run it:
Delete file /etc/cron.d/certbot

After this I simply replaced letsencrypt-auto by certbot on my script and everything else, including options like --cert-only were working just fine!

@TCB13, I’m glad it’s working for you. I wanted to point out to people reading this thread that this approach is almost always a version downgrade, because letsencrypt-auto/certbot-auto is an autoupdater that gets newly released versions automatically, while using your OS packages will give you the most recent packaged version, which often lags months or a year behind the current release.

Some people who did what you did have had renewal problems because the older Certbot couldn’t parse things in the renewal configuration file. So people who are thinking of switching from certbot-auto to an OS package should be careful to check that their renewals still work as expected.

then many errors, including SNIMissingWarning and InsecurePlatformWarning are issued, recommending I upgrade my python version.

Keep in mind, I have very very little experience working with python. I don’t want to have to learn it just to debug non-working auto-updated this letsencrypt system. Just me complaining in this point. :’(

which python shows:
/usr/bin/python

And letsencrypt errors show it apparently using /root/.local/share/letsencrypt/bin/python2.7 for some reason. Likely for system stability, but how do I upgrade this? I don’t know if it uses plugins or libraries that are contained within and if I upgrade, they’ll get nuked and more errors will occur.

You are likely using an old version of letsencrypt-auto from before we pinned versions of python-augeas. Replacing that script with https://dl.eff.org/certbot-auto (or downloading from any other certbot source) and running as before should fix this issue.